Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5817
Views
7
Helpful
11
Replies

API Script to Manage Meraki Cloud Authentication accounts

russell.sage
Level 7
Level 7

‎01-29-2024 02:09 PM

I have written a script to remove guest accounts that are older than 7days from the day the script is run inline with my customers policy. The script appears to work. Items in BOLD are print statements in the script. But all the users I check on the dashboard are still present.

api call:

networkId = network["id"]

userId = user["id"]

dashboard.networks.deleteNetworkMerakiAuthUser(
    networkId, userId)

From the console

{'id': 'c2FsbWFuLndhc3RpQGNlbnRyaWNhLmNvbSxHdWVzdA==', 'email': 'salman.wasti@centrica.com', 'name': 'Salman', 'createdAt': '2018-12-19T14:04:55.855830Z', 'accountType': 'Guest', 'isAdmin': False, 'authorizations': [{'ssidNumber': 1, 'authorizedZone': 'MyGuest', 'expiresAt': '2019-01-18T14:04:52.000000Z', 'authorizedByName': None, 'authorizedByEmail': None}]}
Salman has expired
2024-01-29 21:47:31 meraki: INFO > networks, deleteNetworkMerakiAuthUser - 204 No Content
2024-01-29 21:47:31 meraki: INFO > DELETE https://n645.meraki.com/api/v1/networks/N_658651445502962172/merakiAuthUsers/c2FtLnNhbGloQGNlbnRyaWNhLmNvbSxHdWVzdA%3D%3D
Salman **DELETED**

The line red is confusing me. According to the API guid for deleting a merakiauth user the response 204 is a successful operation

Labels:
0 Helpful
11 Replies 11

amitpalsingh
Level 5
Level 5

‎01-29-2024 10:14 PM

This will deauthorize user if it is still active, not delete it

The user will still remain in the history..

I don't think Meraki let's you delete users from history using API

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to amitpalsingh

‎01-30-2024 04:04 AM

"If the ID supplied is for a splash guest or client VPN user, and that user is not authorized for any other networks in the organization, then also delete the user. 802.1X RADIUS users are always deleted regardless of this optional attribute."

https://developer.cisco.com/meraki/api-v1/delete-network-meraki-auth-user/

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

amitpalsingh
Level 5
Level 5
In response to aleabrahao

‎01-30-2024 04:15 AM

I tried same in my org but it does not delete the splash guest entry , just deauthorizes it.. The user will still exist in the user history

0 Helpful

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to amitpalsingh

‎01-30-2024 04:19 AM

And that user is not authorized for any other networks in the organization, then also delete the user.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Helpful

russell.sage
Level 7
Level 7
In response to amitpalsingh

‎01-30-2024 07:27 AM

If you can't delete the user how is the Meraki solution GDPR compliant?

0 Helpful

amitpalsingh
Level 5
Level 5
In response to russell.sage

‎01-30-2024 07:47 AM

You can remove user from dashboard manually and that will delete the user from the org, but using API i think that is not possible because API just unauthorizes the user in the network , does not delete it from org level

0 Helpful

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to amitpalsingh

‎01-30-2024 07:55 AM

Check the description I sent you.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Helpful

russell.sage
Level 7
Level 7
In response to amitpalsingh

‎01-30-2024 11:59 PM

I have 4000+ accounts manual simply isn't an option. Also when self certified accounts are created they don't seem to set an expiry date.

0 Helpful

Rasmus Hoffmann Birkelund
Meraki Community All-Star
Meraki Community All-Star

‎01-30-2024 10:51 AM

Try passing "delete = True" as a parameter to your call aswell. That is,

dashboard.networks.deleteNetworkMerakiAuthUser(
    networkId, userId,
    delete = True
)
#########
LinkedIn ::: https://blog.rhbirkelund.dk/
Like what you see? - Mark as helpful ## Did it answer your question? - Mark it as a Solution 🙂
All code examples are provided as is. Responsibility for Code execution is solely your own.

russell.sage
Level 7
Level 7
In response to Rasmus Hoffmann Birkelund

‎01-30-2024 11:55 PM

Thank you I will give this ago. I have 4000+ accounts that need to be deleted. I can't delete them manually. I will try the delete = 'True' parameter.

0 Helpful

russell.sage
Level 7
Level 7
In response to Rasmus Hoffmann Birkelund

‎02-13-2024 01:07 AM

I tried that it didn't work. Interestingly you can delete a using Postman with the delete keyword. I have raised a TAC case and they it can't be done and that an internal case is being raise to amend their documentation

0 Helpful
Customers Also Viewed These Support Documents